Join in Windows Active Directory Domain with Samba Winbind.
This tutorial needs Windows Active Directory Domain Service in your LAN.
This example shows to configure on the environment below.
Domain Server : Windows Server 2008 R2
Domain Name : E-FD3S0
Realm : E-FD3S.SERVER.WORLD
Hostname : e-fd3s.server.world
[1] Install Winbind.
[root@lan ~]# yum -y install samba-winbind samba-winbind-clients pam_krb5
[2] Configure Winbind.
# replace ifcfg-xxx to your own environment [root@lan ~]# vi /etc/sysconfig/network-scripts/ifcfg-eno16777736 # change to the DNS to AD's one DNS1=10.0.0.150 [root@lan ~]# systemctl restart network DISABLED SELinux in /etc/sysconfig/selinux
[3] Join in Windows Active Directory Domain.
# join in Active Directory ( net ads join -U [AD's admin user]) [root@lan ~]# net ads join -U Administrator Enter Serverworld's password: Using short domain name -- E-FD3S0 Joined 'LAN' to dns domain 'e-fd3s.server.world' DNS Update for lan.server.world failed: ERROR_DNS_UPDATE_FAILED DNS update failed: NT_STATUS_UNSUCCESSFUL [root@lan ~]# systemctl start winbind [root@lan ~]# systemctl enable winbind # show domain info [root@lan ~]# net ads info LDAP server: 10.0.0.150 LDAP server name: e-fd3s.e-fd3s.server.world Realm: E-FD3S.SERVER.WORLD Bind Path: dc=E-FD3S,dc=SERVER,dc=WORLD LDAP port: 389 Server time: Sun, 07 Sep 2014 21:31:27 JST KDC server: 10.0.0.150 Server time offset: -3 # show AD users info [root@lan ~]# wbinfo -u administrator guest serverworld krbtgt # show AD groups info [root@lan ~]# wbinfo -g domain computers domain controllers schema admins enterprise admins cert publishers domain admins domain users domain guests group policy creator owners ras and ias servers allowed rodc password replication group denied rodc password replication group read-only domain controllers enterprise read-only domain controllers dnsadmins dnsupdateproxy # switch to an AD user [root@lan ~]# su - serverworld Creating directory '/home/serverworld'. [serverworld@lan ~]$